Setting LOGALLNEW=Yes causes the startup script to choke with an iptables error. It turns out that LOGALLNEW needs to be a log level (info, etc) and not yes/no. May I suggest that config parameter values be validated. Also, if the parameter was called LOGALLNEW_LEVEL like other log level params .... ------------------------------------------------------------------------- This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/
Taso Hatzi wrote:> Setting LOGALLNEW=Yes causes the startup script to choke with an > iptables error. > > It turns out that LOGALLNEW needs to be a log level (info, etc) > and not yes/no. > > May I suggest that config parameter values be validated. Also, if > the parameter was called LOGALLNEW_LEVEL like other log level > params ....NC -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key ------------------------------------------------------------------------- This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/
Taso Hatzi wrote:> Setting LOGALLNEW=Yes causes the startup script to choke with an > iptables error. > > It turns out that LOGALLNEW needs to be a log level (info, etc) > and not yes/no.True -- And I believe that all of the documentation for this option indicates that it must be a log level; am I wrong? One of the features of Shorewall-perl is that it does a much better job of validating every aspect of the configuration than does the current Shorewall-shell implementation. And it does it in a small fraction of the time required by Shorewall-shell.> > May I suggest that config parameter values be validated. Also, if > the parameter was called LOGALLNEW_LEVEL like other log level > params ....I''m afraid it''s a bit late in the game for that. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key ------------------------------------------------------------------------- This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/